HSTS is not working.

Question

Hi there,&nbsp;We have one irule is configured on VIP which is redirecting to maintenance page if user access the wrong url on that page HSTS is not working but if we access the right url then HSTS is working. We have enabled HSTS in http profile and that is attached to the same VIP with irule. Is there any way to enable HSTS on maintenance page or any remediation to fix that issue.&nbsp;&nbsp;if { $DEBUG } { log local0. "TEST - Source IP address: [IP::client_addr]" }&nbsp; &nbsp;switch -glob $uri_ext {&nbsp; &nbsp; &nbsp; "/httpfoo*" &nbsp;{set uri_int [string map {"/httpfoo" "/adapter_plain"} $uri_ext]}&nbsp; &nbsp; &nbsp; "/httptest*" {set uri_int [string map {"/httptest" "/adapter_plain"} $uri_ext]}&nbsp; &nbsp;&nbsp; &nbsp; &nbsp; default &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;HTTP::respond 200 content [ifile get ifile_service_unavailable_html]&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;set OK 0&nbsp; &nbsp; &nbsp; }&nbsp; &nbsp;}&nbsp;Many thanks in advance.

juergen_mang · Accepted Answer

HTTP::respond 200 content [ifile get ifile_service_unavailable_html] " "Strict-Transport-Security" "max-age=16070400"
You must set the HSTS header in your HTTP response manually.
&nbsp;
&nbsp;

Forum Discussion

HSTS is not working.

Recent Discussions

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

F5 Health Monitor Receive String as JSON

Cloudflare True-Client-IP as Persistence

Get actual client ips in splunk

Related Content

to HSTS or not to HSTS

TMOS HSTS

BIG-IP Next Automation: Working with the AS3 API endpoints

Working with MasterKeys

F5 iRUule not working

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS